Design and Characterization of a Hardware Encryption Management Unit for Secure Computing Platforms

thesis.pdf (1.24 MB)
Downloads: 373
TR Number
Journal Title
Journal ISSN
Volume Title
Virginia Tech

Software protection is increasingly necessary for a number of applications, ranging from commercial systems and digital content distributors, to military systems exposed in the field of operations. As computing devices become more pervasive, and software more complex, insufficiencies with current software protection mechanisms have arisen. Software--only and data--only protection systems have resulted in broken systems that are vulnerable to loss of software confidentiality and integrity.

A growing number of researchers have suggested that hardware encryption mechanisms be employed to enforce software protection. Although there are several competing architectures, few offer the necessary protection while remaining compatible with modern computing systems and models. The Virginia Tech Secure Software Platform is the first architecture to achieve both increased protection and usability.

This thesis presents the design and implementation of a fast, flexible Encryption Management Unit (EMU) for Virginia Tech Secure Software and compatible platforms. The design is capable of providing decryption of program instructions residing in page--sized sections of memory, without modification to the core processor. The effect of the EMU is modeled with varying application types and system loads. Lastly, a benchmark designed to measure actual performance was created to measure the actual performance of the EMU and validate the models.

encryption, cryptography, secure processors, secure computing